MksDdn Forms Handler

2.4.0

• Feature: Redirect URL after form submission – configure absolute URLs (same domain) or relative paths; external domains require whitelist filter
• Feature: Custom Telegram templates with placeholders for form fields, system data (date, time, page URL), and field labels; supports HTML formatting
• Improved: Email notification settings migration for existing forms
• Improved: Enhanced error logging and input sanitization
• Improved: Localization support for admin confirmation and error messages
• Technical: TemplateParser class and TelegramFormatterTrait for template handling

2.3.0

• Improved: Localization — error messages (spam, rate limit, invalid data), notification labels (Telegram/email), default email subject, and Google Sheets connection messages are now translatable
• Improved: Telegram and email notifications use field labels from form configuration (notification_label → label → name), including nested fields in array_of_objects; Google Sheets continues to receive values only (no label mapping)
• Improved: Regex pattern validation on form config save — preserves backslashes, validates syntax; invalid patterns rejected with debug log
• Improved: Fields config JSON stored with wp_slash to prevent backslash stripping; pattern note added in Fields Configuration UI
• Improved: Attachment metadata (thumbnails, etc.) generated only for image MIME types — faster handling of large non-image uploads
• Technical: TelegramHandler and FormsHandler::build_email_body() accept optional fields_config for label mapping; Utilities::sanitize_pattern_for_storage() for pattern sanitization

2.2.0

• Feature: Tabbed interface for form settings – improved organization with separate tabs for Form Fields, Email Settings, Telegram, Google Sheets, Admin Storage, Display, and Advanced options
• Improved: Google Sheets settings page moved to a submenu under Forms section for better admin structure
• Improved: Enhanced localization support for Google Sheets settings page with Russian and English translations
• Technical: Updated redirect URIs to point to the correct admin page with improved consistency
• Technical: Added tab navigation functionality with JavaScript for seamless settings management

2.1.1

• Improved: Enhanced form accessibility with aria-label attributes for required fields without labels
• Improved: Better label management – removed unnecessary label display for fields without labels
• Improved: Enhanced form examples for consistency in required field handling
• Technical: Refactored form field handling to improve accessibility compliance

2.1.0

• Improved: Page URL field moved from “Submission Info” meta box to “Submission Data” section
• Improved: Page URL is now included in all notifications (email, Telegram, Google Sheets)
• Technical: Added get_page_url() method to extract page URL from referer
• Improved: Page URL automatically displayed as clickable link in submission data

2.0.0

• Feature: Added Russian language support with complete translation files (.po and .mo)
• Feature: Form customization – custom submit button text, HTML after button, and custom success messages
• Feature: Improved file upload handling via AJAX with FormData support
• Security: Added direct access checks in multiple classes for better security
• Improved: Enhanced error handling with JSON responses for nonce verification failures
• Improved: Updated documentation for shortcode usage and asset registration

1.3.1

• Compatibility: Tested with WordPress 6.9

1.3.0

• Feature: New array_of_objects field type with full nested field validation
• Feature: Type-specific validation for nested fields (email, number, tel, url, etc.)
• Feature: Type-specific sanitization for nested fields in arrays
• Security: Arrays are now restricted to array_of_objects type only – prevents validation bypass
• Security: Simple field types (text, email, number, etc.) now reject arrays for better security
• Improved: Each array item is validated according to nested field configuration
• Improved: Better error messages for array validation with item index
• Technical: Added validate_array_of_objects() method for comprehensive array validation
• Technical: Added sanitize_array_of_objects() method for type-based sanitization
• Technical: Updated field configuration sanitization to support nested fields property
• Breaking: Forms using text type for arrays must be updated to array_of_objects type
• Full backward compatibility for existing form submissions (data format unchanged)

1.2.0

• Feature: Added support for nested arrays and objects in REST API submissions
• Feature: Recursive sanitization for complex data structures (arrays of objects)
• Improved: Array of objects now displays as formatted tables in email notifications
• Improved: Array of objects formatted in Telegram messages with proper structure
• Improved: Array of objects saved as JSON in Google Sheets for better data handling
• Improved: Admin submission detail view now shows arrays of objects as HTML tables
• Improved: Admin submissions list shows item count for arrays of objects instead of “Array”
• Improved: Better handling of nested data structures in all delivery methods
• Technical: Added recursive value sanitization method (sanitize_value_recursive)
• Technical: Added recursive data size calculation for nested structures
• Technical: Added helper methods for detecting and rendering arrays of objects
• Full backward compatibility – all existing forms continue to work

1.1.1

• Security: Added esc_url() escaping for all URL outputs in custom-form-examples.php template
• Fixed: WordPress Coding Standards compliance for template output functions

1.1.0

• Added support for custom forms in PHP templates
• New template functions for easy integration: mksddn_fh_get_form_action(), mksddn_fh_form_fields(), mksddn_fh_get_form_config()
• New helper functions: mksddn_fh_get_rest_endpoint(), mksddn_fh_form_has_files(), mksddn_fh_enqueue_form_script()
• Added “Accept any fields from frontend” option – skip field validation for custom forms (Advanced Settings)
• New filter: mksddn_fh_allowed_fields – dynamically control allowed field names (supports wildcard ‘*’)
• Added comprehensive examples in templates/custom-form-examples.php
• Extended Utilities class with methods for template integration
• Fixed: Telegram message formatting switched from Markdown to HTML to prevent parsing errors
• Improved: Better handling of special characters in Cyrillic text (dashes, dots, brackets)
• Added: escape_html_for_telegram() method for proper HTML escaping
• Full backward compatibility – all existing shortcodes continue to work

1.0.5

• REST: Fixed warnings caused by implicit array-to-string conversions (multipart submissions)
• Validation: Hardened guards for email/url/tel/number; refined date/time/datetime-local handling
• REST: Correct total payload size calculation for array values

1.0.4

• Fields: Added select (with multiple) and radio support in shortcode
• Config: options and multiple support in fields JSON
• Validation: Ensured submitted values match configured options
• Emails/Admin: Proper rendering of array values (comma-separated)
• Docs: README and readme.txt updated with field types and examples

1.0.3

• REST: Removed legacy /wp/v2/forms route; unified custom namespace
• REST: Added GET endpoints in custom namespace:
  • GET /wp-json/mksddn-forms-handler/v1/forms
  • GET /wp-json/mksddn-forms-handler/v1/forms/{slug}
• Docs: Updated README and user guides (FAQ, Integrations)
• Meta: Bumped plugin version to 1.0.3

1.0.2

• Enqueued scripts/styles properly, removed inline JS/CSS
• Prefixed options/transients and custom post types
• REST: custom namespace only; added honeypot and rate limiting
• Security: strict sanitization/validation for fields config JSON
• Compliance updates per Plugin Review feedback
• Prefixes, REST adjustments, enqueue fixes, security hardening
• Readme External services section added

1.0.1

• Added uninstall.php to clean plugin options and transients (keeps CPT data)
• Version metadata adjusted

1.0.0

• Initial release
• Multiple delivery methods (email, Telegram, Google Sheets)
• REST API support
• Custom post types for forms and submissions
• Security measures and validation
• Clean, maintainable code structure